Continuous Fraud Detection in Enterprise Systems through Audit Trail Analysis

Peter J. Best; Pall Rikhardsson; Mark Toleman

Journal of Digital Forensics, Security and Law (Mar 2009)

Continuous Fraud Detection in Enterprise Systems through Audit Trail Analysis

Peter J. Best,
Pall Rikhardsson,
Mark Toleman

Affiliations

Peter J. Best: University of Southern Queensland Toowoomba, Queensland, Australia
Pall Rikhardsson: Financial Intelligence Division Business Advisory, SAS Institute A/S Copenhagen K, Denmark
Mark Toleman: University of Southern Queensland Toowoomba, Queensland, Australia

Journal volume & issue: Vol. 4, no. 1
pp. 39 – 60

Abstract

Read online

Enterprise systems, real time recording and real time reporting pose new and significant challenges to the accounting and auditing professions. This includes developing methods and tools for continuous assurance and fraud detection. In this paper we propose a methodology for continuous fraud detection that exploits security audit logs, changes in master records and accounting audit trails in enterprise systems. The steps in this process are: (1) threat monitoring-surveillance of security audit logs for â€˜red flagsâ€™, (2) automated extraction and analysis of data from audit trails, and (3) using forensic investigation techniques to determine whether a fraud has actually occurred. We demonstrate how mySAP, an enterprise system, can be used for audit trail analysis in detecting financial frauds; afterwards we use a case study of a suspected fraud to illustrate how to implement the methodology.

Published in Journal of Digital Forensics, Security and Law

ISSN: 1558-7215 (Print); 1558-7223 (Online)
Publisher: Association of Digital Forensics, Security and Law
Country of publisher: United States
LCC subjects: Law: Law in general. Comparative and uniform law. Jurisprudence: Comparative law. International uniform law: Criminal law and procedure
Website: http://www.jdfsl.org

About the journal